On 06/06/17 20:12, Stefan Claas wrote: > Is TOFU verifying the email address from the from: header of the message > and then compares it with the email address in the UID?
Yes. > I ask, because > if i would use a free form UID with no email address That would make it difficult. >, or i use an Anon > Remailer with a nym account where both email addresses are not identical. This doesn't seem like a problem, depending on some assumptions. In the usual case where you wouldn't want the two accounts linked to the same person, you would use two completely separate certificates, each with their own pseudonym with nym address. If you don't care that peole realize they belong to the same person, you would create two UIDs on the same key, one for each nym account. > I just installed modern GnuPG and used it with two inline PGP messages from > Usenet and i like it. :-) Good to hear :-). > I tried also with Enigmail under OS X but when checking the signatures here > from the list members i always get the blue "Untrusted Good Signature". Did you already enable TOFU? It needs a line in your gpg.conf. Either: trust-model tofu or trust-model tofu+pgp The latter combines it with the Web of Trust. See the manpage for more info. gpg.conf is in your GnuPG homedir. I think this is ~/.gnupg by default on OS X as well. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
